« Previous 1 2
Manage containerized setups with Ansible
Put a Bow on It
Ansible Rollouts on Kubernetes
Ansible also has an option for rolling out applications on Kubernetes in next to no time. The kubernetes.core collection,
ansible-galaxy collection install kubernetes.core
provides all the modules you need. The standard k8s
module simply bundles the Kubernetes YAML declaration (as a YML file type) of a resource directly into the Ansible code. You can adopt your existing Kubernetes YML files into your playbooks with virtually no changes.
The example rolls out Ansible AWX on a Kubernetes installation. The playbook requires you to be logged in to your Kubernetes cluster for this to work. The way you log in depends on the authentication service you choose for your Kubernetes version. In our lab, I used a MicroShift installation and was authenticated by kubeconfig
:
export KUBECONFIG=/<path>/kubeconfig
Also, you need to have set up and started the AWX operator on the Kubernetes installation. The process is described online [1] and requires only a few steps. The playbook starts in the usual way,
- hosts: localhost connection: local gather_facts: False
and then declares the variables. Because this example has only four variables, I have not separated them out into a separate YML file:
vars: awx_name: awx01 awx_ns: awx awx_port: 30080 base_url: kube.mynet.ip
The AWX installation awx01
can be reached later from the URL http://kube.mynet.ip:30080
. If you use OpenShift or MicroShift, you can also create a route to enable access from http://awx01.kube.mykier.ip
(Listing 6). In line with this, the operator will create a pod with PostgreSQL, assign a persistent volume to it, and build another pod with the four AWX containers. The service directs the nodeport
into the application. In an OpenShift or MicroShift setup, you can also create the route (Listing 7).
Listing 6
AWX Installation
- name: Install AWX kubernetes.core.k8s: state: present definition: apiVersion: awx.ansible.com/v1beta1 kind: AWX metadata: name: "{{ awx_name }}" namespace: "{{ awx_ns }}" image: "{{ app_image }}" image: service_type: nodeport nodeport_port: "{{ awx_port }}"
Listing 7
Creating AWX Route
- name: AWX-route kubernetes.core.k8s: state: present definition: kind: Route apiVersion: route.openshift.io/v1 metadata: name: "{{ awx_name }}-route" namespace: "{{ awx_ns }}" spec: host: "{{ awx_name }}.{{ base_url }}" to: kind: Service name: "{{ awx_name }}-service" port: targetPort: http wildcardPolicy: None
The operator generates a random password for the admin account and stores it in a secret. Ansible can read this with the k8s_info
module and use it later. In the example, I only output the password on the command line so that the user can log in (Listing 8). However, you could also set up the AWX instance automatically with the controller configuration roles [2] of existing YML files (by exporting another AWX, tower, or controller instance) directly after the rollout.
Listing 8
Retrieving Admin Password
- name: Get Secret kubernetes.core.k8s_info: apiVersion: v1 kind: Secret name: "{{ awx_name }}-admin-pa,ssword" namespace: "{{ awx_ns }}" register: awx_secret - name: AWX Password debug: msg: "Password: {{ awx_secret.resources[0].data.password | b64decode }}"
Conclusions
Cloud rollouts with Ansible work even better with containerized environments than with traditional VM environments. The playbooks are simpler and run far faster. With Kubernetes or Podman, they skip the tedious steps for a VM setup followed by an operating system configuration and application setup. With the help of Nginx, Podman can do for small environments or edge operations what Kubernetes does for large environments. As an automation tool, Ansible works with any platform.
Infos
- AWX operator: https://github.com/ansible/awx-operator
- Controller configuration roles: https://github.com/redhat-cop/controller_configuration
« Previous 1 2
Buy this article as PDF
(incl. VAT)